Monday, 10 March 2014

Email Spoofing

Email spoofing is the forgery of an Email header so that the message appears to have originated from someone or
somewhere other than the actual source.

 Distributors of spam often use spoofing in an attempt to get recipients
to open, and possibly even respond to, their solicitations. Spoofing can be used legitimately. There are so many ways to send the Fake Emails even without knowing the password of the Email ID. The Internet
is so vulnerable that you can use anybody's Email ID to send a threatening Email to any official personnel.

Methods to send fake emails 

1.Open relay server 

2.Web Scripts  

Fake emails:Open relay system 


An Open Mail Relay is an SMTP (Simple Mail Transfer Protocol) server configured in such a way that it allows anyone on the Internet to send Email through it, not just mail destined ‘To’ or ‘Originating’ from known users.An Attacker can connect the Open Relay Server via Telnet and instruct the server to send the Email.Open Relay Email Server requires no password to send the Email 

Fake Emails: via web script 


Web Programming languages such as PHP and ASP contain the mail sending functions which can be used to send Emails by programming Fake headers i.e.” From: To: Subject:”There are so many websites available on the Internet which already contains these mail sending scripts. Most of them provide the free service. 
Some of Free Anonymous Email Websites are: (Send attachments as well) one is used for getting fake identity) 

Spam and Worms 


Malware such as Klez and Sober and many more modern examples often search for email addresses within the computer they have infected, and use those addresses both as targets for email, but also to create credible forged From fields in the emails that they send, so that these emails are more likely to be opened. For example:
Dave is sent an infected email which he opens, running the worm code.
The worm code searches Dave's address book and finds the addresses of Ron and Lynda
From Dave's computer, the worm sends an infected email to Ron, but forged to appear to have been sent by Lynda.
In this case, even if Ron's system detects the incoming mail as containing malware, he sees the source as being Lynda - while Dave remains unaware of the actual infection.

E-mail spoofing is possible because Simple Mail Transfer Protocol (SMTP), the main protocol used in sending e-mail, does not include an authentication mechanism. Although an SMTP service extension (specified in IETF RFC 2554) allows an SMTP client to negotiate a security level with a mail server, this precaution is not often taken. If the precaution is not taken, anyone with the requisite knowledge can connect to the server and use it to send messages. To send spoofed e-mail, senders insert commands in headers that will alter message information. It is possible to send a message that appears to be from anyone, anywhere, saying whatever the sender wants it to say. Thus, someone could send spoofed e-mail that appears to be from you with a message that you didn't write.

 How Do I Recognize and Defend Against Spoof Emails? 

Like with any con game in life, your best defense is skepticism. If you don’t believe that the email is truthful, or that the sender is legitimate, then simply don’t click on the link and type your email address. If there is a file attachment, simply don’t open it, lest it contain a virus payload. If the email seems too good to be true, then it probably is, and your skepticism will save you from divulging your banking information. 

 NOTE:=“Do not use this hack trick in any criminal activities and please do not destroy any ones account,
this is for educational purpose only”.

Sunday, 9 March 2014

Top 10 Ways To Hack Facebook

As far as today there are many known and unknown ways to hack facebook accounts.Here are some of the basic ways which are widely used to hack facebook.

             "These are only for educational purpose.Don't use this hacks to damage anybody's account"


 Keylogging is the easiest way to hack a Facebook password. Keylogging sometimes can be so dangerous that even a person with good knowledge of computers can fall for it. Keystroke logging, often referred to as keylogging or Keyboard Capturing, is the action of recording (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored.[1] It also has very legitimate uses in studies of human-computer interaction. There are numerous keylogging methods, ranging from hardware and software-based approaches to acoustic analysis.Indeed a Keylogger is basically a small program which, once is installed on victim's computer, will record every thing victim types on his/her computer. The logs are then send back to the attacker by either FTP or directly to hackers email address.


Phishing is still the most popular attack vector used for hacking Facebook accounts. There are variety methods to carry out phishing attack .Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.[1][2] Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public. Phishing emails may contain links to websites that are infected with malware.In a simple phishing attacks a hacker creates a fake login page which exactly looks like the real Facebook page and then asks the victim to log in. Once the victim login through the fake page the, the victims "Email Address" and "Password" is stored in to a text file, and the hacker then downloads the text file and gets his hands on the victims credentials.


Almost 80% percent people use stored passwords in their browser to access the Facebook.You can notice this is almost normal but the wrong thing goes here.There are some various where softwares which access our passwords and are indeed specially designed to capture the saved passwords stored in the victims Internet browser. 


 Sidejacking attack went common in late 2010, however it's still popular now a days.Firesheep is an extension for the Firefox web browser that uses a packet sniffer to intercept unencrypted cookies from websites such as Facebook and Twitter. As cookies are transmitted over networks, so these are used to discover identities in the browser.Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the attacker and victim is on the same WiFi network. A sidejacking attack is basically another name for http session hijacking, but it's more targeted towards WiFi users.  


Millions of Facebook users access Facebook through their mobile phones. In case the hacker can gain access to the victims mobile phone then he can probably gain access to his/her Facebook account. Their are a lots of Mobile Spying softwares used to monitor a Cellphone. The most popular Mobile Phone Spying software's are: Mobile Spy, and Spy Phone Gold. 



If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the Internet browser.Auto-hacking USB drives simply contain applications that recover passwords. 


DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often the attacker's).If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the Internet browser. 


A "botnet" is a collection of Internet-connected programs communicating with other similar programs in order to perform tasks.Botnets are not commonly used for hacking Facebook accounts, because of it's high setup costs. The infection process is same as the key logging, however a Botnet gives you additional options for carrying out attacks with the compromised computer. Some of the most popular "Botnets" include "Spyeye" and "Zeus."


The man-in-the-middle attack (often abbreviated MITM, MitM, MIM, MiM, MITMA) in cryptography and computer security is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them.If the victim and attacker are on the same LAN and on a switch based network, a hacker can place himself between the client and the server, or he could act as a default gateway and hence capturing all the traffic in between.


In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of valid computer session—sometimes also called a session key—to gain unauthorized access to information or service in a computer system. In Session Hijacking attack, a hacker steals the victims browser cookie which is used to authenticate the user on a website, and use it to access the victims account. Session hijacking is widely used on LAN, and WiFi connections. 

 NOTE:=“Do not use this hack trick in any criminal activities and please do not destroy any ones account,
this is for educational purpose only”.

Friday, 7 March 2014

Fix Windows Error and Optimize your System

As in today's world it is not easier to be protected from hackers and their various malwares and for that purpose every single man's PC struggles and try to avoid viruses entering and causing comparatively larger damage.Here are some examples that a common person wants his/her antivirus to do:
" "

These all are some of the common things where we need help to do.These all features indeed help it.
Today in the cyber world security is one of the most important fact determining the security of one's own

"Keeping a PC clean isn't easy with all of the different types of hardware, software and drivers available, so it's hard to say if your PC is clean without first analyzing your system registry. Many find this an arduous and confusing task which is why more than 100,000 people each week turn to *SMART PC FIXER" to keep their PC clean of registry problems and potential issues. "

SMART PC FIXER really helps boosting the performance of your PC. You will be able to get rid of problematic and obsolete registry keys entries created by software and drivers that were either uninstalled or deleted incorrectly in the past. You don't have to be an expert to use SMART PC FIXER, so don't worry about any limitation of computer knowledge.

Click Here! Smart PC Fixer™ is a top-ranking error-resolution registry cleaner which will fix the computer errors and optimize the system settings. You can scan, clean, optimize, and keep your PC much healthier with it !

No Blue Screen, No Lock up, No Errors, Less Garbage Files → More Smooth System Running.
It's Compatible to WINDOWS 7.

To optimize just follow these instructions=:
1.SCAN  [then it automatically does]
2.Fix System Errors
3.Improve Startup
4.Clean Registry
5.Defrag Disk
6.Optimize System Settings


Click Here!
Features that all in one PC care supports is:



  Minimum Requirements:
1.Windows 2000 or above
2.Internet connection
3.50 MB free hard disk space
4.Microsoft Internet Explorer 6.0 or above
5.logged on as system administrator.
Smart PC Fixer will identity your PC issues in 2 minutes.

Click Here! Smart PC Fixer full features registration is $29.98 for one year subscription including: fix errors, optimize your computer to boost speed and performance, improve startup times and increases stability.


Click Here!  Thanxx for dropping by :) Have a good day :) :) :)